How the US is trying to fight for better cybersecurity
Though cybersecurity problems and responses have entered mainstream discourse, the wholesale issue of cyber threats isn’t going away any time soon. That’s spurred a major response from security firms, businesses, and people to better protect themselves and data from potential hijacking. But even still, cybersecurity infrastructure in the United States is falling behind, which is why administrative efforts are being made to continue investing in practical solutions.
Much of the protective itinerary remains consistent: to improve resilience, educate victims, defend against ransomware, and finding methods to counter intrusions. But doing so is easier said than done.
The road ahead
So, beyond the goals stated by the measures, what needs to be done for cybersecurity to improve in America?
One major point critical to stopping threats like ransomware gangs is cooperating on an international level. Ransomware gangs and malware threats are a global issue, and headlines often catch tumultuous events such as critical infrastructure breaches. But these attacks can come from anywhere, and often are outside of the US.
Attackers do so because they feel protected from reproach. It’s difficult to track and arrest cyber criminals when it comes to international boarders, not only because of murky legalities, but also because tracking international cyber criminals is challenging. International cooperation to locate and apprehend ransomware gangs (or similar) is necessary in order to make any meaningful headway in the cybersecurity fight.
That’s one of the key points in the race to strengthen US cybersecurity. Examples of such have proven practical in the past, demonstrating how cooperation (or lack thereof) create various hurdles and challenges. For instance, the notorious REvil, one of the more prolific and dangerous ransomware gangs, was dissolved in October 2021 thanks to cooperating Russian and US authorities. Russian authorities had to enforce and arrest based on charges and evidence brought over by the United States. However, once “complications” of Russia’s war on Ukraine broke out, to say the least, negotiations flatlined and cooperation ceased. Since the conflict, REvil has been able to return to routine operations.
In that brief but important example, it demonstrates how international cooperation creates success and failure. Furthermore, it’s not only important for bringing international cyber criminals to justice, or at least stopping their operations. International cooperation means agencies can share information, expertise, and other resources to further enhance their ability to combat malware organizations.
The continued need for cybersecurity education
Unsurprisingly, education on cybersecurity related issues remains another top priority. It proves, too, as one of the most challenging aspects of good cybersecurity education. The question remains: how? It’s not about teaching good strategies to IT experts who already know the tools of the trade. It’s about reaching the general public and giving them the mental tools to recognize scams when they present themselves, among things. Social media, after all, is still one of the most effective paths to inflict ransomware on recipients or steal their info.
Yes, protective technology improves, but as its said time and time again, that won’t matter if the human element is the weak link. How will the US proceed? It’s a case-by-case basis, but there are general formats for instruction such as the National Initiative for Cybersecurity Education. They’re designed to emphasize good cybersecurity habits, ways to build a strong cybersecurity infrastructure at the ground level, and keep everyone in the loop about spotting dangerous threats.
Navigating new technology
If there’s another major challenge the cybersecurity initiative has to face down, it’s how technology intertwines with network connections. The IoT, Internet of Things, is still keeping pace and modernizing tech across the board, from “smart” home devices to even manufacturing. It’s not a new concern, as ever since the introduction of network linked hardware, alarm bells were rung.
If a device is constantly connected to a network, how is the data secured or encrypted? Who will continue to update it? If the providing company goes out of business, changes, or otherwise stops offering support, is the device safe? Expand that problem to devices everywhere and you can see how it creates a problem: numerous internet facing devices all offering a measure of valuable data.
As a whole, trying to wrangle every existing IoT device would prove daunting, so one step in the right direction is to establish security rules for new IoT-based hardware. Rather than reacting to new problems and trying to patch every whole in the digital pipeline, beginning with a sturdy foundation will prove valuable in the long term.
How long will this approach take? When can we expect meaningful, tangible results? That isn’t clear, and remains to be seen. However, it’s good that the US and international governing bodies are taking meaningful (as they claim) action for cybersecurity.